Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          y5jih7xFPsGMVngDxwDy/Eyas+O8Q8mSwU8BN5cl/Qk=
Subject key identifier:   BA:B7:AB:40:75:B5:0E:81:2D:20:19:16:DB:7E:FA:4B:AA:8C:B4:06
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019A4D73E3EDA8444BBA65224F27836EA660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          169C
Signing time:             Tue 04 Nov 2025 06:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:31 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: M2CsUtixiMIJdmde1DsKDCE26b8ilEKtLbAIY2YyNYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:e3:ed:a8:44:4b:ba:65:22:4f:27:83:6e:a6:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Nov  4 06:00:31 2025 GMT
            Not After : Nov  5 06:00:31 2025 GMT
        Subject: CN=bab7ab4075b50e812d201916db7efa4baa8cb406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:40:42:d8:16:eb:45:4c:7d:bc:97:b2:3c:76:
                    7d:92:dd:54:59:18:6a:17:62:38:2b:97:65:c9:55:
                    60:53:98:4b:60:45:7a:a8:9c:cd:ed:34:ea:ea:5e:
                    6b:c3:41:b9:69:63:df:e6:a7:cd:b2:05:38:aa:31:
                    0c:0d:93:32:9f:60:1d:7c:f0:e1:c7:2f:43:39:ab:
                    a1:cd:53:80:5e:57:d6:8d:c9:b7:33:c5:46:3b:be:
                    09:a3:67:1b:16:fa:10:1f:bd:de:90:d0:a9:dd:ff:
                    bb:cd:8f:b5:fc:f3:4d:14:e4:5c:a8:9f:d3:b3:d8:
                    91:76:0c:30:c0:4b:21:9e:60:6b:7d:8f:d9:99:c2:
                    dc:d4:18:88:12:d0:60:3d:5b:ba:aa:7d:11:80:0f:
                    65:01:89:f2:93:fc:2f:0b:cf:4e:48:27:7c:0a:ba:
                    c1:4c:78:26:8c:71:a6:86:14:df:e7:c0:eb:cf:4f:
                    0f:58:34:2e:b2:f9:09:04:6a:c7:05:d8:31:50:81:
                    2e:7d:80:ff:60:3a:62:05:99:b1:33:b7:12:91:9e:
                    91:1d:bf:53:a5:e1:3d:bf:9a:a1:63:34:36:e1:8d:
                    d2:9b:59:1d:6e:15:a7:39:b8:26:25:f4:a6:f0:d1:
                    42:ae:3e:3e:dc:3f:35:97:11:04:aa:3b:3e:12:62:
                    ff:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B7:AB:40:75:B5:0E:81:2D:20:19:16:DB:7E:FA:4B:AA:8C:B4:06
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:f6:db:bb:18:77:b7:d9:ba:38:9f:47:79:ff:ae:52:e8:81:
         78:94:6f:da:7b:bc:22:98:ba:6e:90:99:fe:d1:30:d3:f9:b7:
         41:0b:53:c8:34:ea:9b:de:ba:12:f7:69:6c:08:d2:a7:27:4a:
         92:b7:f9:eb:c0:14:4c:6f:52:d3:fb:a3:b7:ca:7e:2a:1f:ef:
         56:c3:75:74:c3:09:66:1a:f9:21:69:bd:96:93:86:50:4b:18:
         14:1d:3f:3a:09:0a:43:fb:08:cc:f3:1f:8e:7c:0b:ff:6d:46:
         01:e0:27:e1:d7:11:5f:6c:85:41:4f:f0:5f:ce:ee:cf:e2:c2:
         f9:d8:a0:ca:5c:f4:7d:12:ea:3b:8d:ad:58:9b:4a:ba:85:e0:
         b2:98:d9:27:62:4a:c3:9f:bd:78:21:23:2e:5a:12:8b:a3:91:
         c0:cb:52:09:0b:a5:61:3c:26:e0:45:e0:27:da:9b:89:c5:5f:
         34:af:71:8c:1c:24:64:87:1a:8c:a5:af:14:21:53:d8:25:08:
         b6:ae:fb:4d:c0:7b:81:a4:79:ac:84:8a:9f:42:e4:5d:33:59:
         ad:2d:49:2a:f5:6e:03:b7:22:04:d1:d6:bb:37:8e:d7:7e:02:
         bb:b6:55:f2:4d:75:17:d4:b1:c4:59:6e:50:3c:b3:3e:51:33:
         3a:76:fd:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc+PtqERLumUiTyeDbqZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUxMTA0MDYwMDMxWhcNMjUxMTA1MDYwMDMxWjAzMTEwLwYDVQQD
EyhiYWI3YWI0MDc1YjUwZTgxMmQyMDE5MTZkYjdlZmE0YmFhOGNiNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UBC2BbrRUx9vJeyPHZ9kt1UWRhq
F2I4K5dlyVVgU5hLYEV6qJzN7TTq6l5rw0G5aWPf5qfNsgU4qjEMDZMyn2AdfPDh
xy9DOauhzVOAXlfWjcm3M8VGO74Jo2cbFvoQH73ekNCp3f+7zY+1/PNNFORcqJ/T
s9iRdgwwwEshnmBrfY/ZmcLc1BiIEtBgPVu6qn0RgA9lAYnyk/wvC89OSCd8CrrB
THgmjHGmhhTf58Drz08PWDQusvkJBGrHBdgxUIEufYD/YDpiBZmxM7cSkZ6RHb9T
peE9v5qhYzQ24Y3Sm1kdbhWnObgmJfSm8NFCrj4+3D81lxEEqjs+EmL/VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq3q0B1tQ6BLSAZFtt++kuqjLQGMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvbbuxh3
t9m6OJ9Hef+uUuiBeJRv2nu8Ipi6bpCZ/tEw0/m3QQtTyDTqm966EvdpbAjSpydK
krf568AUTG9S0/ujt8p+Kh/vVsN1dMMJZhr5IWm9lpOGUEsYFB0/OgkKQ/sIzPMf
jnwL/21GAeAn4dcRX2yFQU/wX87uz+LC+digylz0fRLqO42tWJtKuoXgspjZJ2JK
w5+9eCEjLloSi6ORwMtSCQulYTwm4EXgJ9qbicVfNK9xjBwkZIcajKWvFCFT2CUI
tq77TcB7gaR5rISKn0LkXTNZrS1JKvVuA7ciBNHWuzeO134Cu7ZV8k11F9SxxFlu
UDyzPlEzOnb9CQ==
-----END CERTIFICATE-----